Canonical Closes Linux Kernel Vulnerabilities in Ubuntu 14.04 LTS

A few Linux kernel vulnerabilities discovered in the Linux kernel affecting the Ubuntu 14.04 LTS (Trusty Tahr) operating system have been corrected by Canonical.

Ubuntu developers have issued a new kernel update for the latest 14.04 LTS release, fixing a number of issues that have been affecting the operating system. This is nothing out of the ordinary and it fact it’s more like maintenance work.

“Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges.”

“An information leak was discovered in the netfilter subsystem of the Linux kernel. An attacker could exploit this flaw to obtain sensitive information from kernel memory.”

These are just two of the vulnerabilities closed by this update, and Ubuntu users will get the new version via the Software Update.

The security flaws can be fixed if users upgrade the system(s) to the linux-image-3.13.0-29-generic, (3.13.0-29.53), but this is only true for Ubuntu 14.04 LTS (Trusty Tahr). Other operating systems feature different Linux kernels and the versions will be different.

ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.